People´s personal data are being processed every second – at work, in their relations with public authorities, in the health field, when they buy goods or services, travel or surf the Internet.

Individuals are generally unfamiliar with the risks related to the protection of their personal data and of their rights in this respect. They are seldom aware of what they can do if they consider that their rights have been breached, or of the role of national data protection agencies.

In 2006 the Council of Europe launched a Data Protection Day to be celebrated each year on 28 January, the date on which the Council of Europe’s data protection convention, known as “Convention 108”, was opened to signature. Data Protection Day is now celebrated globally and is called Privacy Day outside Europe.

On this date, governments, parliaments, national data protection bodies and other actors carry out activities to raise awareness about the rights to personal data protection and privacy. These may include campaigns targeting the general public, educational projects for teachers and students, open doors at data protection agencies and conferences.

The data protection convention, which is the only international treaty in this field, is being updated to ensure that its data protection principles are still in line with today’s needs.

2017 Edition 2017 Edition
Council of Europe Strasbourg 27 January 2017
  • Diminuer la taille du texte
  • Augmenter la taille du texte
  • Imprimer la page
  • Imprimer en PDF
Data Protection Day: guidelines to protect the people behind Big Data

Ahead of Data Protection Day on 28 January, the Committee of the Council of Europe´s Data Protection Convention, also known as “Convention 108”, adopted this week Guidelines on Big Data aiming to assist policy makers and organisations processing personal data to place people at the centre the digital economy.

The nature of Big Data may make very challenging the application of traditional principles of personal data protection, such as purpose limitation or data minimisation. The guidelines contain a set of recommendations such as:

  • Any Big Data processing of personal data should comply with the requirement of free, specific, informed and unambiguous consent, and the principles of purpose limitation, fairness and transparency.
  • Data processors should provide easy and user-friendly technical way for individuals to withdraw their consent.
  • Data controllers and processors should assess the likely impact on human rights of Big Data processing, for example, by establishing ethical committees. They should carry out risk assessments, and develop solutions by-design and by-default to mitigate the risks.
  • The technical anonymisation of data could be combined with legal or contractual obligations to prevent possible re-identification of the persons concerned.

Alessandra Pierucci, Chairperson of the Committee of “Convention 108” highlighted “the importance of providing guidance on what has become in the past years an exponential source of knowledge, and an exponential source of processing of personal data. This first step of the Committee towards a stronger protection of persons in our big data environment will have to lead to further steps, to follow the fast pace evolution of big data related technologies”.

A Council of Europe delegation is participating today in a session on the Council of Europe’s approach to Big Data at the 10th Edition of the “Computers, Privacy and Data Protection” international conference (CDPC), which is held in Brussels from 25 to 27 January.

Session Session

Video of the session on the Council of Europe’s approach to Big Data at the 10th Edition of the “Computers, Privacy and Data Protection” international conference (CDPC) [January 2017]

Guide Guide

Rights of Internet Users

The Council of Europe has created a guide for Internet users to help them better understand their human rights online and what they can do when these rights are challenged.

Generally, these rights are set out in the terms of service of Internet companies, which are mostly lengthy legal contractual conditions which are seldom read and even more seldom fully understood.

Handbook Handbook

Handbook on European data protection law

The aim of this handbook is to raise awareness and improve knowledge of data protection rules in European Union and Council of Europe member states by serving as the main point of reference to which readers can turn.

It is designed for non-specialist legal professionals, judges, national data protection authorities and other persons working in the field of data protection. (more...)

Beyond Beyond

This short film highlights the dangers posed by those who wish to illegally obtain private data.